ICO: Upgrades must protect privacy

The Information Commissioner's Office is urging organisations to consider the impact on privacy before developing new IT or changing methods of handling personal data.

The call came as the ICO published the latest version of its privacy impact assessment handbook. The handbook aims to help organisations address the risks to personal privacy before implementing new initiatives and technologies.

Jonathan Bamford, assistant information commissioner, said: "For the public to have trust in an organisation, individuals must be confident that their information is held securely and processed in line with the Data Protection Principles.

"Each time someone gives away their personal information this not only puts the data at risk, they can leave a footprint creating a detailed picture of aspects of their daily lives. Therefore, it is essential that before introducing new systems and technologies, which could accelerate the growth of a surveillance society, full consideration is given to the impact on individuals and that safeguards are in place to minimise intrusion."

After the data breach at HM Revenue and Customs in November 2007, the Cabinet Office introduced a mandatory procedure for all central government departments and their agencies to adopt privacy impact assessments when they develop new systems.

Bamford described privacy impact assessments as a common sense approach to help organisations develop privacy friendly ways of working.